'use strict';
const db = uniCloud.database();
const table = 'comment';
const dbCmd = db.command
var appid = 'wx985999a4c0a314a4'
var secret = '5bb00d021fd4fe3230e57b54c03988c7'
exports.main = async (event, context) => {
	const action = event.cloudAction;
	let params = event.params;
	var objectid = params.objectid;
	var ssuserid = params.ssuserid;
	var tablename = params.tablename;

	switch (action) {
		case "index":
			var collection = db.collection(table)
			var res = await collection
				.where({
					status: dbCmd.eq(0).or(dbCmd.eq(1))
				})
				.orderBy("_id", "desc")
				.skip(params.start)
				.limit(params.limit)
				.get();
			return {
				error: 0,
					data: {
						list: res.data
					}
			};
			break;
		case "list":
			var collection = db.collection(table)

			var res = await collection
				.where({
					status: dbCmd.eq(0).or(dbCmd.eq(1)),
					objectid: objectid,
					tablename: tablename
				})
				.orderBy("_id", "desc")
				.skip(params.start)
				.limit(params.limit)
				.get();
			var uids = [];
			if (res.data.length > 0) {
				for (var i in res.data) {
					uids.push(res.data[i].userid)
				}
				var uRes = await uniCloud.callFunction({
					name: "user",
					data: {
						cloudAction: "getListByIds",
						params: {
							uids: uids
						}
					}
				})
				console.log("listRes", uids, uRes.result);

				var users = uRes.result.data;
				var us = [];
				for (var i in users) {
					us[users[i]._id] = users[i];
				}
				/*
				console.log("uids",uids)
				var tb_user=db.collection("uni-id-users");
				var users = await tb_user.where({
					_id:dbCmd.in(uids)
				}).get();
				console.log("users:",users)
				var us=[];
				for(var i in users.data){
					us[users.data[i]._id]=users.data[i];
				}
				*/
				for (var i in res.data) {
					res.data[i].user = us[res.data[i].userid];
				}
			}

			return {
				error: 0,
					data: {
						list: res.data
					}
			};
			break;
		case "show":
			var id = params.id;
			var collection = db.collection(table)
			var res = await collection.where({
				_id: id
			}).limit(1).get();
			//获取作者
			var userid = res.data[0].userid;
			var tb_user = db.collection("uni-id-users");
			var user = await tb_user.where({
				_id: userid
			}).limit(1).get();

			return {
				error: 0,
					data: {
						data: res.data[0],
						user: user.data[0]
					},
			};
			break;
		case "my":
			var collection = db.collection(table)
			var res = await collection.where({
					userid: params.ssuserid
				})
				.orderBy("_id", "desc")
				.skip(params.start)
				.limit(params.limit)
				.get();
			return {
				error: 0,
					data: {
						list: res.data
					}
			};
			break;
		case "add":
			var id = params.id;
			var collection = db.collection(table)
			var res = await collection.where({
				_id: id
			}).limit(1).get();
			var userid = params.ssuserid;
			delete params.ssuserid;

			if (res.data.length < 1) {
				return {
					error: 1,
					message: "数据不存在"
				}
			}
			if (res.data[0].userid != userid) {
				return {
					error: 1,
					message: "您无权限"
				}
			}
			return {
				error: 0,
					data: res,
			};
			break;
		case "save":
			const rowData = await textSecCheck(params)
			if (rowData.error == 1) {
				return {
					error: 1,
					message: "文字涉及隐私不予发布"
				}
			} else {
				var collection = db.collection(table)
				if (params.userid == '') {
					return {
						error: 1,
						message: "用户信息出错"
					}
				}
				if (params._id != undefined) {
					var _id = params._id;
					delete params._id;
					var userid = params.userid;
					var row = await collection.where({
						_id: _id
					}).limit(1).get();

					if (row.data.length < 1) {
						return {
							error: 1,
							message: "数据不存在"
						}
					}
					if (row.data[0].userid != userid) {
						return {
							error: 1,
							message: "您无权限"
						}
					}
					var res = await collection.doc(_id).update(params)
				} else {
					var res = await collection.add(params);
					//更新主表
					var pTable = db.collection(tablename);
					var pRow = await pTable.where({
						_id: objectid
					}).limit(1).get();
					// console.log(objectid, tablename, pRow)
					var pRes = await pTable.doc(objectid).update({
						comment_num: pRow.data[0].comment_num + 1
					})
					//结束主表
				}
				return {
					error: 0,
					data: res,
				};
			}
			break;
		case "delete":
			var id = params.id;
			var collection = db.collection(table)
			var res = await collection.doc(id).remove();
			//更新主表
			var pTable = db.collection(tablename);
			var pRow = await pTable.where({
				_id: objectid
			}).limit(1).get();

			var pRes = await pTable.doc(objectid).update({
				comment_num: pRow.data[0].comment_num - 1
			})
			//结束主表
			return {
				error: 0,
					data: "success",
			};
			break;

	}

	return event
};

async function getAccessToken() {
	var tokenUrl =
		'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=' + appid + '&secret=' + secret
	let rowData = null
	const res = await uniCloud.httpclient.request(tokenUrl, { // 此处appid和seceret要使用本身真实的
		dataType: 'json'
	})
	if (res.status === 200) {
		const {
			access_token
		} = res.data
		rowData = {
			code: 200,
			message: '获取getAccessToken成功',
			result: access_token
		}
	} else {
		rowData = {
			code: 500,
			message: '获取getAccessToken失败',
		}
	}
	return rowData
}

async function textSecCheck(params) {
	const {
		result
	} = await getAccessToken()
	const openidData = await getOpenId(params)
	console.log('params', params)
	if (result) {
		var apiUrl = 'https://api.weixin.qq.com/wxa/msg_sec_check?access_token=' + result
		var {
			status,
			data
		} = await uniCloud.httpclient.request(apiUrl, {
			method: 'POST',
			data: {
				content: params.content,
				scene: 2,
				version: 2,
				openid: openidData.openid,
			},
			contentType: 'json', // 指定以application/json发送data内的数据
			dataType: 'json' // 指定返回值为json格式，自动进行parse
		})
		console.log('data', data)
		if (status === 200 && data.errcode === 0) {
			return {
				code: 200,
				message: '内容合法'
			}
		} else {
			return {
				code: 500,
				error: 1,
				message: '内容出错或违规'
			}
		}
	}
}

async function getOpenId(params) {
	var apiUrl =
		'https://api.weixin.qq.com/sns/jscode2session?appid=' + appid + '&secret=' + secret + '&js_code=' + params
		.openid + '&grant_type=authorization_code'
	var {
		status,
		data
	} = await uniCloud.httpclient.request(apiUrl, {
		method: 'GET',
		dataType: 'json' // 指定返回值为json格式，自动进行parse
	})
	return data
}
async function imgSecCheck(params) {
	const {
		result
	} = await getAccessToken()
	if (result) {
		const {
			status,
			data
		} = await uniCloud.httpclient.request(
			`https://api.weixin.qq.com/wxa/img_sec_check?access_token=${result}`, { // 此处appid和seceret要使用本身真实的
				dataType: 'json',
				files: [Buffer.from(params.source, 'base64')]
			})

		if (status === 200 && data.errcode === 0) {
			return {
				code: 200,
				message: '图片合法'
			}
		} else {
			return {
				code: 500,
				message: '图片出错或违规'
			}
		}
	}
}
